Method, system and apparatus for management of applications for an SMA controller

ABSTRACT

A server-based environment for management of widget programs distributable to remote execution and display devices is provided. Embodiments of the present invention provide a set of tools for operator development of widget programs, operator provisioning of the widget programs and user selection of programs or parameters for the widget programs. Embodiments of the present invention further provide for operator-determined widget program or widget program functionality distribution.

CROSS REFERENCE TO RELATED APPLICATIONS

This invention claims priority from Provisional Patent Application Ser. No. 61/174,366, entitled “REMOTE SECURITY STATION,” filed Apr. 30, 2009, and naming Alan Wade Cohn as inventor. This provisional patent application is incorporated herein by reference in its entirety and for all purposes.

FIELD OF THE INVENTION

Embodiments of the present invention relate generally to the field of home security, monitoring and automation, and specifically to providing operator provisioned and user-selected widget programs for a user-configurable controller for security, monitoring and automation.

BACKGROUND OF THE INVENTION

Residential electronics and control standards provide an opportunity for a variety of options for securing, monitoring, and automating residences. Wireless protocols for transmission of security information permit placement of a multitude of security sensors throughout a residence without a need for running wires back to a central control panel. Inexpensive wireless cameras also allow for placement of cameras throughout a residence to enable easy monitoring of the residence. A variety of home automation control protocols have also been developed to allow for centralized remote control of lights, appliances, and environmental apparatuses (e.g., thermostats). Traditionally, each of these security, monitoring and automation protocols require separate programming, control and monitoring stations. To the extent that home automation and monitoring systems have been coupled to home security systems, such coupling has involved including the automation and monitoring systems as slaves to the existing home security system. This limits the flexibility and versatility of the automation and monitoring systems and ties such systems to proprietary architectures.

A security system alerts occupants of a dwelling and emergency authorities of a violation of premises secured by the system. A home monitoring system monitors a status of a home so that a user can be made aware of any monitored state changes. A home automation system automates and remotely controls lifestyle conveniences such as lighting, heating, cooling, and appliances.

Rather than having multiple devices to control each of the security, monitoring and automation environments, it is desirable to have a centralized controller capable of operating in each environment, thereby reducing the equipment needed in a dwelling. It is further desirable for such a controller to function as a gateway for external network access.

Gateway access can include user access to the controller in order to control or monitor devices in locations remote from the dwelling. Gateway access can also permit provisioning of additional software programs that can execute on the controller. Such programs can provide a variety of functions beyond security, monitoring and automation to the end-user. It is desirable for controller providers to have a system by which they can provide and provision such programs, controlling availability and functionality.

SUMMARY OF THE INVENTION

Embodiments of the present invention provide a server-based environment for management of widget programs distributable to remote execution and display devices. Embodiments of the present invention provide a set of tools for operator development of widget programs, operator provisioning of the widget programs and user selection of programs or parameters for the widget programs. Embodiments of the present invention further provide for operator-determined widget program or widget program functionality distribution (e.g., distribution based on end user tiers or other user purchases services).

One embodiment of the present invention provides for importing a widget program package into a widget management system, assigning a widget program that is part of the widget program package to a service tier, and providing the widget program to a customer of the widget management system that is a member of the service tier for installation on a remote network node associated with the customer. One aspect of the above embodiment further provides for selecting the customer from all customers of the widget management system and automatically performing the transmitting of the widget program to the remote network node. Another aspect of the above embodiment further provides for identifying a customer's service tier, displaying widget information to the customer related to their service tier, and transmitting a selected widget program to the remote network node.

A further aspect of the above embodiments provides for defining the service tier to correspond to a customer's purchased level of service. Another aspect of the above embodiments provides for assigning a range of functionality of the widget program to a service tier. Other aspects of the above embodiments provide for the composition of the widget program package, including definitions provided by a widget manifest file that describes the widget program.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention may be better understood, and its numerous objects, features and advantages made apparent to those skilled in the art by referencing the accompanying drawings.

FIG. 1 is a simplified block diagram illustrating an architecture including a set of logical domains and functional entities within which embodiments of the present invention interact.

FIG. 2 is a simplified block diagram illustrating a hardware architecture of an SMA controller, according to one embodiment of the present invention.

FIG. 3 is a simplified block diagram illustrating a logical stacking of an SMA controller's firmware architecture, usable with embodiments of the present invention.

FIG. 4 is an illustration of an example user interface for an SMA controller 120, according to an embodiment of the present invention.

FIG. 5 is a simplified flow diagram illustrating a widget management process, in accord with embodiments of the present invention.

FIG. 6 provides an example of manifest data file data usable by embodiments of the present invention.

FIG. 7 illustrates one example of a management portal interface usable by embodiments of the present invention.

FIG. 8 illustrates an example of a tier selection pane provided by a management portal, in accord with embodiments of the present invention.

FIG. 9 depicts a block diagram of a computer system suitable for implementing aspects of the present invention.

FIG. 10 is a block diagram depicting a network architecture suitable for implementing aspects of the present invention.

DETAILED DESCRIPTION

Embodiments of the present invention provide a server-based environment for management of widget programs distributable to remote execution and display devices. Embodiments of the present invention provide a set of tools for operator development of widget programs, operator provisioning of the widget programs and user selection of programs or parameters for the widget programs. Embodiments of the present invention further provide for operator-determined widget program or widget program functionality distribution.

Architectural Overview

Embodiments of the configurable security, monitoring and automation (SMA) controller of the present invention provide not only for communicating with and interpreting signals from sensors and devices within a dwelling, but also for accessing and monitoring those sensors and devices from locations remote to the dwelling. Embodiments of the SMA controller provide such capability through linkages to external servers via access networks such as the Internet, provider network, or a cellular network. The external servers provide a portal environment through which a user can, for example, monitor the state of sensors coupled to the SMA controller in real-time, configure the controller, and provide controlling information to the SMA controller. One or more of the servers can provide a management portal by which a provider of the SMA controller can also provide additional functionality for the SMA controller through one or more widget programs executable by the SMA controller. The servers further provide a connection to a traditional security central station, which can then contact authorities in the event of an alarm condition being detected by the SMA controller in the dwelling.

FIG. 1 is a simplified block diagram illustrating an architecture including a set of logical domains and functional entities within which embodiments of the present invention interact. A home domain 110 includes an embodiment of the SMA controller 120. The home domain is coupled via an access domain 150 to an operator domain 160 that includes various servers. The servers are in turn coupled to a central station 190 and to various remote user communication options.

The home domain refers to a collection of security, monitoring and automation entities within a dwelling or other location having SMA devices. SMA controller 120 is a device that provides an end-user SMA interface to the various SMA entities (e.g., radio-frequency sensors) within home domain 110. SMA controller 120 further acts as a gateway interface between home domain 110 and operator domain 160. SMA gateway 120 provides such gateway access to operator domain 160 via a network router 125. Network router 125 can be coupled to SMA controller 120 and to home network devices such as home computer 127 via either hard wired or wireless connections (e.g., WiFi, tethered Ethernet, and power-line network). A network router 125 coupled to a broadband modem (e.g., a cable modem or DSL modem) serves as one link to networks in access domain 150.

SMA devices within home domain 110 can include a variety of RF or wireless sensors 130 whose signals are received and interpreted by SMA gateway 120. RF sensors 130 can include, for example, door or window sensors, motion detectors, smoke detectors, glass break detectors, inertial detectors, water detectors, carbon dioxide detectors, and key fob devices. SMA gateway 120 can be configured to react to a change in state of any of these detectors. In addition to acting and reacting to changes in state of RF sensors 130, SMA controller 120 also can be coupled to a legacy security system 135. SMA controller 120 controls the legacy security system by interpreting signals from sensors coupled to the legacy security system and reacting in a user-configured manner. SMA gateway 120, for example, will provide alarm or sensor state information from legacy security system 135 to servers in operator domain 160 that may ultimately inform central station 190 to take appropriate action.

SMA gateway 120 can also be coupled to one or more monitoring devices 140. Monitoring devices 140 can include, for example, still and video cameras that provide images that are viewable on a screen of SMA gateway 120 or a remotely connected device. Monitoring devices 140 can be coupled to SMA gateway 120 either wirelessly (e.g., WiFi via router 125) or other connections.

Home automation devices 145 (e.g., home area network devices having an automation interface) can also be coupled to and controlled by SMA gateway 120. SMA gateway 120 can be configured to interact with a variety of home automation protocols, such as, for example, Z-Wave and ZigBee.

Embodiments of SMA controller 120 can be configured to communicate with a variety of RF or wireless sensors and are not limited to the RF sensors, monitoring devices and home automation devices discussed above. A person of ordinary skill in the art will appreciate that embodiments of the present invention are not limited to or by the above-discussed devices and sensors, and can be applied to other areas and devices.

Embodiments of SMA controller 120 can be used to configure and control home security devices (e.g., 130 and 135), monitoring devices 140 and automation devices 145, either directly or by providing a gateway to remote control via servers in operator domain 160. SMA controller 120 communicates with servers residing in operator domain 160 via networks in access domain 150. Broadband communication can be provided by coupling SMA controller 120 with a network router 125, which in turn is coupled to a wide area network 152, such as a provider network or the Internet, via an appropriate broadband modem. The router can be coupled to the wide area network through cable broadband, DSL, and the like. Wide area network 152, in turn, is coupled to servers in operator domain 160 via an appropriate series of routers and firewalls (not shown). SMA controller 120 can include additional mechanisms to provide a communication with the operator domain. For example, SMA controller 120 can be configured with a cellular network transceiver that permits communication with a cellular network 154. In turn, cellular network 154 can provide access via routers and firewalls to servers in operator domain 160. Embodiments of SMA controller 120 are not limited to providing gateway functionality via cellular and dwelling-based routers and modems. For example, SMA gateway 120 can be configured with other network protocol controllers such as WiMAX satellite-based broadband, direct telephone coupling, and the like.

Operator domain 160 refers to a logical collection of SMA servers and other operator systems in an operator's network that provide end-user interfaces, such as portals accessible to subscribers of the SMA service, that can configure, manage and control SMA elements within home domain 110. Servers can also provide management portals for the provider to configure available services to the SMA controllers. Servers in operator domain 160 can be maintained by a provider (operator) of subscriber-based services for SMA operations. Examples of providers include cable providers, telecommunications providers, and the like. A production server architecture in operator domain 160 can support SMA systems in millions of home domains 110.

Individual server architectures can be of a variety of types, and in one embodiment, the server architecture is a tiered Java2 Enterprise Edition (J2EE) service oriented architecture. Such a tiered service oriented architecture can include an interface tier, a service tier, and a data access logic tier. The interface tier can provide entry points from outside the server processes, including, for example, browser web applications, mobile web applications, web services, HTML, XHTML, SOAP, and the like. A service tier can provide a variety of selectable functionality passed along by the operator to the end user, including widget programs. Service tiers can relate to end user subscription levels offered by the operator (e.g., payment tiers corresponding to “gold” level service, “silver” level service and “bronze” level service). Finally the data access logic tier provides access to various sources of data including database servers.

FIG. 1 illustrates an example set of servers that can be provided in operator domain 160. Servers 165 can support all non-alarm and alarm events, heartbeat, and command traffic between the various servers and SMA controllers 120. Servers 165 can also manage end-user electronic mail and SMS notification, as well as integration with provider billing, provisioning, inventory, tech support systems, and the like.

A portal server 170 can provide various user interface applications, including, for example, a subscriber portal, a mobile portal, and a management portal. A subscriber portal is an end-user accessible application that permits an end-user to access a corresponding SMA controller remotely via standard web-based applications. Using such a subscriber portal can provide access to the same SMA functions that an interface directly coupled to the SMA controller would provide, plus additional functions such as alert and contact management, historical data, widget and camera management, account management, and the like. A mobile portal can provide all or part of the access available to an end-user via the subscriber portal. A mobile portal can be limited, however, to capabilities of an accessing mobile device (e.g., touch screen or non-touch screen cellular phones). A management portal provides an operator representative access to support and manage SMA controllers in home domains 110 and corresponding user accounts via a web-based application. Using a management portal, an operator representative can provision and provide a variety of functionality via, for example, widget programs to the SMA controllers, as will be discussed in greater detail below. The management portal can provide tiers of management support so that levels of access to user information can be restricted based on authorization of a particular employee.

Telephony server 180 can process and send information related to alarm events received from SMA controllers 120 to alarm receivers at central monitoring station 190. A server 165 that processes the alarm event makes a request to telephony server 180 to dial the central station's receiver and send corresponding contact information. Telephony server 180 can communicate with a plurality of central stations 190. Server 165 can determine a correct central station to contact based upon user account settings associated with the transmitting SMA controller. Thus, alarms can be routed to different central stations based upon user accounts. Further, accounts can be transferred from one central station to another by modifying user account information. Telephony server 180 can communicate with alarm receivers at central station 190 using, for example, a security industry standard contact identification protocol (e.g., dual-tone multi-frequency [DTMF]) and broadband protocols.

A backup server 175 can be provided to guarantee that an alarm path is available in an event that one or more servers 165 become unavailable or inaccessible. A backup server 175 can be co-located to the physical location of servers 165 to address scenarios in which one or more of the servers fail. Alternatively, a backup server 175 can be placed in a location remote from servers 165 in order to address situations in which a network failure or a power failure causes one or more of servers 165 to become unavailable. SMA controllers 120 can be configured to transmit alarm events to a backup server 175 if the SMA controller cannot successfully send such events to servers 165.

A database server 185 provides storage of all configuration and user information accessible to other servers within operator domain 160. Selection of a type of database provided by database server 185 can be dependent upon a variety of criteria, including, for example, scalability and availability of data. One embodiment of the present invention uses database services provided by an ORACLE database.

A server 165 in operator domain 160 provides a variety of functionality. Logically, a server 165 can be divided into the following functional modules: a broadband communication module, a cellular communication module, a notification module, a telephony communication module, and an integration module.

The broadband communication module manages broadband connections and message traffic from a plurality of SMA controllers 110 coupled to server 165. Embodiments of the present invention provide for the broadband channel to be a primary communication channel between an SMA controller 120 and servers 165. The broadband communication module handles a variety of communication, including, for example, all non-alarm and alarm events, broadband heartbeat, and command of traffic between server 165 and SMA controller 120 over the broadband channel. Embodiments of the present invention provide for an always-on persistent TCP socket connection to be maintained between each SMA controller and server 165. A variety of protocols can be used for communications between server 165 and SMA controller 120 (e.g., XML over TCP, and the like). Such communication can be secured using standard transport layer security (TLS) technologies. Through the use of an always-on socket connection, servers 165 can provide near real-time communication between the server and an SMA controller 120. For example, if a user has a subscriber portal active and a zone is tripped within home domain 110, a zone fault will be reflected in near real-time on the subscriber portal user interface.

The cellular communication module manages cellular connections and message traffic from SMA controllers 120 to a server 165. Embodiments of the present invention use the cellular channel as a backup communication channel to the broadband channel. Thus, if a broadband channel becomes unavailable, communication between an SMA controller and a server switches to the cellular channel. At this time, the cellular communication module on the server handles all non-alarm and alarm events, and command traffic from an SMA controller. When a broadband channel is active, heartbeat messages can be sent periodically on the cellular channel in order to monitor the cellular channel. When a cellular protocol communication stack is being used, a TCP socket connection can be established between the SMA controller and server to ensure reliable message delivery for critical messages (e.g., alarm events and commands). Once critical messages have been exchanged, the TCP connection can be shut down thereby reducing cellular communication costs. As with broadband communication, XMPP can be the messaging protocol used for such communications. Similarly, such communication can be secured using TLS and SASL authentication protocols. Non-critical messages between an SMA controller and a server can be sent using UDP. A compressed binary protocol can be used as a messaging protocol for such communications in order to minimize cellular costs for such message traffic. Such messages can be secured using an encryption algorithm, such as the tiny encryption algorithm (TEA). Cellular communication can be established over two network segments: the GSM service provider's network that provides a path between an SMA controller and a cellular access point, and a VPN tunnel between the access point and an operator domain data center.

A notification module of server 165 determines if and how a user should be notified of events generated by their corresponding SMA controller 120. A user can specify who to notify of particular events or event types and how to notify the user (e.g., telephone call, electronic mail, text message, page, and the like), and this information is stored by a database server 185. When events such as alarm or non-alarm events are received by a server 165, those events can be passed asynchronously to the notification module, which determines if, who and how to send those notifications based upon the user's configuration.

The telephony communication module provides communication between a server 165 and telephony server 180. When a server 165 receives and performs initial processing of alarm events, the telephony communication module forwards those events to a telephony server 180 which in turn communicates with a central station 190, as discussed above.

The integration module provides infrastructure and interfaces to integrate a server 165 with operator business systems, such as, for example, billing, provisioning, inventory, tech support, and the like. An integration module can provide a web services interface for upstream integration that operator business systems can call to perform operations like creating and updating accounts and querying information stored in a database served by database server 185. An integration module can also provide an event-driven framework for downstream integration to inform operator business systems of events within the SMA system.

SMA Controller Architecture

FIG. 2 is a simplified block diagram illustrating a hardware architecture of an SMA controller, according to one embodiment of the present invention. A processor 210 is coupled to a plurality of communications transceivers, interface modules, memory modules, and user interface modules. Processor 210, executing firmware discussed below, performs various tasks related to interpretation of alarm and non-alarm signals received by SMA controller 120, interpreting reactions to those signals in light of configuration information either received from a server (e.g., server 165) or entered into an interface provided by SMA controller 120 (e.g., a touch screen 220). Embodiments of the present invention can use a variety of processors, for example, an ARM core processor such as a FREESCALE i.MX35 multimedia applications processor.

SMA controller 120 can provide for user input and display via a touch screen 220 coupled to processor 210. Processor 210 can also provide audio feedback to a user via use of an audio processor 225. Audio processor 225 can, in turn, be coupled to a speaker that provides sound in home domain 110. SMA controller 120 can be configured to provide a variety of sounds for different events detected by sensors associated with the SMA controller. Such sounds can be configured by a user so as to distinguish between alarm and non-alarm events.

As discussed above, an SMA controller 120 can communicate with a server 165 using different network access means. Processor 210 can provide broadband access to a router (e.g., router 125) via an Ethernet broadband connection PHY 130 or via a WiFi transceiver 235. The router can then be coupled to or be incorporated within an appropriate broadband modem. Cellular network connectivity can be provided by a cellular transceiver 240 that is coupled to processor 210. SMA controller 120 can be configured with a set of rules that govern when processor 210 will switch between a broadband connection and a cellular connection to operator domain 160.

In order to communicate with the various sensors and devices within home domain 110, processor 210 can be coupled to one or more transceiver modules via, for example, a serial peripheral interface such as a SPI bus 250. Such transceiver modules permit communication with sensors of a variety of protocols in a configurable manner. Embodiments of the present invention can use a transceiver to communicate with a variety of RF sensors 130, using a variety of communication protocols. Similarly, home automation transceivers (e.g., home area network devices having an automation interface) that communicate using, for example, Z-Wave or ZigBee protocols can be coupled to processor 210 via SPI 250. If SMA controller 120 is coupled to a legacy security system 135, then a module permitting coupling to the legacy security system can be coupled to processor 210 via SPI 250. Other protocols can be provided for via such plug-in modules including, for example, digital enhanced cordless telecommunication devices (DECT). In this manner, an SMA controller 120 can be configured to provide for control of a variety of devices and protocols known both today and in the future. In addition, processor 210 can be coupled to other types of devices (e.g., transceivers or computers) via a universal serial bus (USB) interface 255.

In order to locally store configuration information and software (e.g., widget programs) for SMA controller 120, a memory 260 is coupled to processor 210. Additional memory can be coupled to processor 210 via, for example, a secure digital interface 265. A power supply 270 is also coupled to processor 210 and to other devices within SMA controller 120 via, for example, a power management controller module.

SMA controller 120 is configured to be a customer premises equipment device that works in conjunction with server counterparts in operator domain 160 in order to perform functions required for security monitoring and automation. Embodiments of SMA controller 120 provide a touch screen interface (e.g., 220) into all the SMA features. Via the various modules coupled to processor 210, the SMA controller bridges the sensor network, the control network, and security panel network to broadband and cellular networks. SMA controller 120 further uses the protocols discussed above to carry the alarm and activity events to servers in the operator domain for processing. These connections also carry configuration information, provisioning commands, management and reporting information, security authentication, any real-time media such as video or audio, and any data transfer required by locally-executing widget programs.

FIG. 3 is a simplified block diagram illustrating a logical stacking of an SMA controller's firmware architecture, usable with embodiments of the present invention. Since SMA controller 120 provides security functionality for home domain 110, the SMA controller should be a highly available system. High availability suggests that the SMA controller be ready to serve an end-user at all times, both when a user is interacting with the SMA controller through a user interface and when alarms and other non-critical system events occur, regardless of whether a system component has failed. In order to provide such high availability, SMA controller 120 runs a micro-kernel operating system 310. An example of a micro-kernel operating system usable by embodiments of the present invention is a QNX real-time operating system. Under such a micro-kernel operating system, drivers, applications, protocol stacks and file systems run outside the operating system kernel in memory-protected user space. Such a micro-kernel operating system can provide fault resilience through features such as critical process monitoring and adaptive partitioning. As a result, components can fail, including low-level drivers, and automatically restart without affecting other components or the kernel and without requiring a reboot of the system. A critical process monitoring feature can automatically restart failed components because those components function in the user space. An adaptive partitioning feature of the micro kernel operating system provides guarantees of CPU resources for designated components, thereby preventing a component from consuming all CPU resources to the detriment of other system components.

A core layer 320 of the firmware architecture provides service/event library and client API library components. A client API library can register managers and drivers to handle events and to tell other managers or drivers to perform some action. The service/event library maintains lists of listeners for events that each manager or driver detects and distributes according to one of the lists.

Driver layer 330 interacts with hardware peripherals of SMA controller 120. For example, drivers can be provided for touch screen 220, broadband connection 230, WiFi transceiver 235, cellular transceiver 240, USB interface 255, SD interface 265, audio processor 225, and the various modules coupled to processor 210 via SPI interface 250. Manager layer 340 provides business and control logic used by the other layers. Managers can be provided for alarm activities, security protocols, keypad functionality, communications functionality, audio functionality, and the like.

Keypad user interface layer 350 drives the touch screen user interface of SMA controller 120. An example of the touch screen user interface consists of a header and a footer, widget icons and underlying widget user interfaces. Keypad user interface layer 350 drives these user interface elements by providing, for example, management of what the system Arm/Disarm interface button says and battery charge information, widget icon placement in the user face area between the header and footer, and interacting with widget engine layer 360 to display underlying widget user interface when a widget icon is selected.

In embodiments of the present invention, typical SMA controller functions are represented in the touch screen user interface as widgets (or active icons). Widgets provide access to the various security monitoring and automation control functions of SMA controller 120 as well as support for multi-media functionality through widgets that provide, for example, news, sports, weather and digital picture frame functionality. A main user interface screen can provide a set of icons, each of which represents a widget. Selection of a widget icon can then launch the widget. Widget engine layer 360 includes, for example, widget engines for native, HTML and FLASH-based widgets. Widget engines are responsible for displaying particular widgets on the screen. For example, if a widget is developed in HTML, selection of such a widget will cause the HTML widget engine to display the selected widget or touch screen 220. Information related to the various widgets is provided in widget layer 370.

FIG. 4 is an illustration of an example user interface for an SMA controller 120, according to an embodiment of the present invention. The illustrated user interface provides a set of widget icons 410 that provide access to functionality of SMA controller 120. As illustrated, widgets are provided to access security functionality, camera images, thermostat control, lighting control, and other settings of the SMA controller. Additional widgets are provided to access network-based information such as weather, news, traffic, and digital picture frame functionality. A header 420 provides access to an Arm/Disarm button 425 that allows for arming the security system or disarming it. Additional information can be provided in the header, such as, for example, network status messages. A footer 430 can provide additional status information such as time and date, as displayed.

A user can select widgets corresponding to desired functionality. Embodiments of the present invention provide for access to widgets via portal server 170. A provider of operator domain 160 can determine functionality accessible to users. Accessibility of functionality can be generally available to all users or be restricted in a manner determined by the provider. For example, functionality availability can be based upon tiers of users (e.g., subscription levels associated with payment levels). Alternatively, as another example, functionality availability can be based upon subscriber information drawn from external sources such as a billing system in the operator domain. Information can be drawn from the external sources that indicate other services the subscriber receives from the provider, and appropriate widgets can then be made available (e.g., a subscriber of VoIP services can gain access to a voice mail widget). A user can then select from the set of accessible widgets and the selected widgets will be distributed and displayed on the user interface of SMA controller 120.

Widget Management

While some widget programs may come pre-installed on an SMA controller, most widget programs will be provided to an SMA controller from a server in operator domain 160. A provider of SMA controller services can determine those widget programs that the provider decides to make available to end-users. Optionally, a provider can determine whether to limit certain widget programs to different sets of users. For example, access can be limited to specific tiers of users, thereby adding value to “premium” service subscription tiers. Alternatively, users who receive certain services from the provider can receive access to widgets that correspond to those services. Or a provider can choose to restrict access to widgets using some combination of criteria (e.g., service associated widgets also being limited based upon subscription tiers).

Widget programs can be selectable by end-users via a subscriber portal (e.g., portal server 170). Alternatively, a provider can require installation of a widget program and have that widget program automatically pushed to subscriber SMA controllers. A provider can manage the variety of widget programs made available to that provider's subscribers through the use of a management portal executing on a portal server (e.g., portal server 170).

A provider associated with an operator domain 160 can flexibly determine those widget programs the provider decides to make available to subscribers. As stated above, embodiments of SMA controller 120 provide support for HTML and FLASH-based widget programs, as well as those designed to run natively on SMA controller processor 210. Through the use of “open” standards such as HTML and FLASH, a sizeable community of widget programmers and programs can be readily available. In order to ease creation of programs intended for SMA controller 120, a software developer kit (SDK) can be made available.

A provider of SMA controller services can decide not only those widget programs that will be made available to subscribers, but also those subscribers that can access certain widget programs or functionality of widget programs. In the example of a tier-based widget access environment, a provider can implement service tier levels for the provider's customers. For example, a provider can have a standard tier of service (“bronze”), a middle tier of service (“silver”), and a premium tier of service (“gold”). Standard tier customers can have access to a first set of widget programs. Middle tier customers can have access to the same widget programs available to standard tier customers plus another set of widget programs, and premium tier customers can have access to still more widget programs. Further, a provider can set varying qualities of service for widget programs or widget program functionality based upon the tier system. For example, premium tier customers can have more frequent data updating for certain widgets (e.g., weather) than do standard tier customers. Alternatively, a provider can make newer versions of widget programs available to premium tier customers prior to making them available to lower tier customers.

In the example of a subscriber-related services widget access environment, a provider can associate widgets with corresponding services provided by the provider. A server in operator domain 160 (e.g., portal server 170) can be coupled to one or more external servers that can provide subscriber information regarding those services subscribed to by a subscriber (e.g., a billing system or some other subscriber tracking database). For each subscriber, a determination can be made as to which widgets are associated with subscribed to services and those widgets can be made available to that subscriber, either automatically or by selection.

Once a widget program is made available to customers, a provider can opt to automatically push the widget program to all relevant subscribers or to make the widget program available for user selection. In order to select widget programs, a subscriber can access a portal server 170. Based upon the subscriber's profile, those widget programs available to that user are displayed for selection. A user can then select desired widget programs and define values for parameters associated with those programs. For example, an end-user can select a weather widget program that requires location information from the user in order to display relevant information. Optionally, user profile information stored in operator domain 160 can be accessed in order to set or modify variables (e.g., default values) of certain widget programs. Widget programs can be modifiable in this manner to the extent permitted by either the programmer, the provider or the customer tier. Once selected, widget program icons are displayed on an SMA controller 120 in a manner reflected, as an example, in FIG. 4.

FIG. 5 is a simplified flow diagram illustrating a widget management process, in accord with embodiments of the present invention. As an initial step, a widget program can be encoded by a widget developer (510). While some widget programs can be made available to a provider as a set of defaults, an available source of third party developed widget programs enhances functionality of SMA controller 120. As discussed above, SMA controller 120 can provide not only native support for widget programs, but also HTML and FLASH support from widget engines 360. Additional environmental support can be provided by adding widget engines to widget engine 360 area of SMA controller 120. In order to facilitate distribution of a widget program to subscribing SMA controllers, a developer assembles a bundle of files that support execution of the widget program. This bundle of files can include HTML, or FLASH files, style sheets, images, and a manifest file.

As part of the widget program development process, a developer prepares a manifest data file (520). The manifest data file contains metadata about the widget program and can, for example, be an XML file. Manifest file data includes information needed to run, provision and manage the widget program. For example, manifest file data can include a minimum firmware version of the SMA controller, a version number of the widget program, property definitions of the widget program, run mode of the widget program, an identifier for a widget engine to support the widget program, and an editor key identifying an editor used in the subscriber portal to edit a widget's properties. Manifest data can be used to populate widget management screens of a management portal once the widget program bundle has been provided.

FIG. 6 provides an example of manifest data file data usable by embodiments of the present invention. FIG. 6 illustrates how data values would appear to a user of a management portal for a manifest file that has previously been provided to the provider's systems.

Manifest data file property definitions provide necessary widget properties. In one embodiment of the present invention, three types of properties are defined. A first type of property is an Admin property (610) which is only editable by a management portal user account having authority to modify Admin properties (e.g., a role, privilege, or ACL). Examples of Admin properties include a defined poll rate of a widget (e.g., how often the widget updates information) or API keys (e.g., Flickr API key is operator specific). Admin property definitions can be tier-based. For example, polling rates for a widget program can differ depending upon subscriber tier. Once an Admin property definition has been changed by an authorized account, the altered value can be pushed to all subscribing SMA controllers. A second property can be a Premise Default (620), which allows a provider to initially specify a default setting that a user can then later change. Regular expression type strings can be used to specify a premise default property. For example, a weather widget can use a city associated with a particular user's account as its default city for weather, or Fahrenheit for a default temperature scale. A third type of property is a User or Custom property, which are user-provided values for overwritten defaults. FIG. 6 further shows those property values that have been defined with default values (630).

As stated above, a manifest data file can also include a run mode. In one embodiment of the present invention, run modes include static, persistent, and persistent with persistent window. A static run mode results in the widget program not instantiating until selected on an SMA controller. Icons for static run mode widget programs are static and do not change. A persistent run mode results in the widget program having a dynamic icon that changes with new data as it arrives. For example, a security widget icon reflects armed and disarmed states. The persistent with persistent window run mode widget programs provide a dynamic icon with a window instantiated off screen when not displayed. Such off screen instantiation speeds up display time for such widget programs. An example of such a widget program can be a weather widget program that receives radar information when the window is not displayed and stores that for display when the user selects the weather widget icon.

In preparation for importing the widget program bundle to a server in the operator domain, a widget archive is generated (530). The widget archive can be, for example, an encrypted .zip or .tar file that contains all files related to the widget bundle. An archive file can be compressed for space and data bandwidth considerations and encrypted for security considerations. The archive file can then be imported to an operator server (540). An operator can use the management portal to specify the location of the widget program archive and to then store the files from the widget program archive in a widget database (e.g., located on database server 185).

An administrator of the provider server can then utilize the management portal to customize the widget as necessary. Default values of parameters associated with the widget program can be pre-populated in the management portal screens using metadata provided in the manifest data file (550).

FIG. 7 illustrates one example of a management portal interface usable by embodiments of the present invention. FIG. 7 illustrates the management features available to an authorized account on the management portal. Summary information about a widget can be provided in a portal pane (710). Such information can include, for example, a unique identifier for the widget, a description of the widget functionality, version number, creation date, and an example screenshot. Actions can also be accessed by the authorized account that allow modification of the widget or its functionality, and for options on deployment of the widget.

Prior to making the widget program publicly available in the provider network, a provider can assign the widget program to a testing tier (560). Accounts having access to the testing tier can test the widget program in the provider's environment. For example, quality assessment personnel in the operator domain can determine whether any parameters of the widget program cause undesirable functional results. Once the testing period has been completed, the provider can then assign the widget program to one or more production tiers (570). The provider can also specify whether the installed widget program should be automatically uploaded to SMA controllers supported by the provider system or to be just made available to a subscriber upon next login to the subscriber portal. Uploading and other access to widget programs is performed by servers accessed by SMA controllers (e.g., servers 165).

FIG. 8 illustrates an example of a tier selection pane provided by a management portal, in accord with embodiments of the present invention. As discussed above, an authorized account can select widget behavior and distribution based upon user tiers, and can also limit the distribution to a testing tier, if desired.

As improved versions of a widget program are developed, those improved versions can be imported into the provider's operator domain. New versions can be assigned to the test tier while prior versions are in a production tier. As the new version is verified, the new version can be promoted to the production tier and automatically replace the previous version through a push operation to subscribers SMA controllers.

An Example Computing And Network Environment

As shown above, the present invention can be implemented using a variety of computer systems and networks. An example of one such computing and network environment is described below with reference to FIGS. 9 and 10.

FIG. 9 depicts a block diagram of a computer system 910 suitable for implementing aspects of the present invention (e.g., servers 165, portal server 170, backup server 175, telephony server 180, and database server 185). Computer system 910 includes a bus 912 which interconnects major subsystems of computer system 910, such as a central processor 914, a system memory 917 (typically RAM, but which may also include ROM, FLASH RAM, or the like), an input/output controller 918, an external audio device, such as a speaker system 920 via an audio output interface 922, an external device, such as a display screen 924 via display adapter 926, serial ports 928 and 930, a keyboard 932 (interfaced with a keyboard controller 933), a storage interface 934, a floppy disk drive 937 operative to receive a floppy disk 938, a host bus adapter (HBA) interface card 935A operative to connect with a Fibre Channel network 990, a host bus adapter (HBA) interface card 935B operative to connect to a SCSI bus 939, and an optical disk drive 940 operative to receive an optical disk 942. Also included are a mouse 946 (or other point-and-click device, coupled to bus 912 via serial port 928), a modem 947 (coupled to bus 912 via serial port 930), and a network interface 948 (coupled directly to bus 912).

Bus 912 allows data communication between central processor 914 and system memory 917, which may include read-only memory (ROM) or FLASH memory (neither shown), and random access memory (RAM) (not shown), as previously noted. The RAM is generally the main memory into which the operating system and application programs are loaded. The ROM or FLASH memory can contain, among other code, the Basic Input-Output system (BIOS) which controls basic hardware operation such as the interaction with peripheral components. Applications resident with computer system 910 are generally stored on and accessed via a computer-readable medium, such as a hard disk drive (e.g., fixed disk 944), an optical drive (e.g., optical drive 940), a floppy disk unit 937, or other storage medium. Additionally, applications can be in the form of electronic signals modulated in accordance with the application and data communication technology when accessed via network modem 947 or interface 948.

Storage interface 934, as with the other storage interfaces of computer system 910, can connect to a standard computer-readable medium for storage and/or retrieval of information, such as a fixed disk drive 944. Fixed disk drive 944 may be a part of computer system 910 or may be separate and accessed through other interface systems. Modem 947 may provide a direct connection to a remote server via a telephone link or to the Internet via an internet service provider (ISP). Network interface 948 may provide a direct connection to a remote server via a direct network link to the Internet via a POP (point of presence). Network interface 948 may provide such connection using wireless techniques, including digital cellular telephone connection, Cellular Digital Packet Data (CDPD) connection, digital satellite data connection or the like.

Many other devices or subsystems (not shown) may be connected in a similar manner (e.g., document scanners, digital cameras and so on). Conversely, all of the devices shown in FIG. 9 need not be present to practice the present invention. The devices and subsystems can be interconnected in different ways from that shown in FIG. 9. The operation of a computer system such as that shown in FIG. 9 is readily known in the art and is not discussed in detail in this application. Code to implement the present invention can be stored in computer-readable storage media such as one or more of system memory 917, fixed disk 944, optical disk 942, or floppy disk 938. The operating system provided on computer system 910 may be MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, Linux®, or another known operating system.

Moreover, regarding the signals described herein, those skilled in the art will recognize that a signal can be directly transmitted from a first block to a second block, or a signal can be modified (e.g., amplified, attenuated, delayed, latched, buffered, inverted, filtered, or otherwise modified) between the blocks. Although the signals of the above described embodiment are characterized as transmitted from one block to the next, other embodiments of the present invention may include modified signals in place of such directly transmitted signals as long as the informational and/or functional aspect of the signal is transmitted between blocks. To some extent, a signal input at a second block can be conceptualized as a second signal derived from a first signal output from a first block due to physical limitations of the circuitry involved (e.g., there will inevitably be some attenuation and delay). Therefore, as used herein, a second signal derived from a first signal includes the first signal or any modifications to the first signal, whether due to circuit limitations or due to passage through other circuit elements which do not change the informational and/or final functional aspect of the first signal.

FIG. 10 is a block diagram depicting a network architecture 1000 in which client systems 1010, 1020 and 1030, as well as storage servers 1040A and 1040B (any of which can be implemented using computer system 910), are coupled to a network 1050. Storage server 1040A is further depicted as having storage devices 1060A(1)-(N) directly attached, and storage server 1040B is depicted with storage devices 1060B(1)-(N) directly attached. Storage servers 1040A and 1040B are also connected to a SAN fabric 1070, although connection to a storage area network is not required for operation of the invention. SAN fabric 1070 supports access to storage devices 1080(1)-(N) by storage servers 1040A and 1040B, and so by client systems 1010, 1020 and 1030 via network 1050. Intelligent storage array 1090 is also shown as an example of a specific storage device accessible via SAN fabric 1070.

With reference to computer system 910, modem 947, network interface 948 or some other method can be used to provide connectivity from each of client computer systems 1010, 1020 and 1030 to network 1050. Client systems 1010, 1020 and 1030 are able to access information on storage server 1040A or 1040B using, for example, a web browser or other client software (not shown). Such a client allows client systems 1010, 1020 and 1030 to access data hosted by storage server 1040A or 1040B or one of storage devices 1060A(1)-(N), 1060B(1)-(N), 1080(1)-(N) or intelligent storage array 1090. FIG. 10 depicts the use of a network such as the Internet for exchanging data, but the present invention is not limited to the Internet or any particular network-based environment.

Other Embodiments

The present invention is well adapted to attain the advantages mentioned as well as others inherent therein. While the present invention has been depicted, described, and is defined by reference to particular embodiments of the invention, such references do not imply a limitation on the invention, and no such limitation is to be inferred. The invention is capable of considerable modification, alteration, and equivalents in form and function, as will occur to those ordinarily skilled in the pertinent arts. The depicted and described embodiments are examples only, and are not exhaustive of the scope of the invention.

The foregoing describes embodiments including components contained within other components (e.g., the various elements shown as components of computer system 910). Such architectures are merely examples, and, in fact, many other architectures can be implemented which achieve the same functionality. In an abstract but still definite sense, any arrangement of components to achieve the same functionality is effectively “associated” such that the desired functionality is achieved. Hence, any two components herein combined to achieve a particular functionality can be seen as “associated with” each other such that the desired functionality is achieved, irrespective of architectures or intermediate components. Likewise, any two components so associated can also be viewed as being “operably connected,” or “operably coupled,” to each other to achieve the desired functionality.

The foregoing detailed description has set forth various embodiments of the present invention via the use of block diagrams, flowcharts, and examples. It will be understood by those within the art that each block diagram component, flowchart step, operation and/or component illustrated by the use of examples can be implemented, individually and/or collectively, by a wide range of hardware, software, firmware, or any combination thereof. For example, specific electronic components can be employed in an application specific integrated circuit or similar or related circuitry for implementing the functions associated with one or more of the described functional blocks.

The present invention has been described in the context of fully functional computer systems; however, those skilled in the art will appreciate that the present invention is capable of being distributed as a program product in a variety of forms, and that the present invention applies equally regardless of the particular type of computer-readable media used to actually carry out the distribution. Examples of computer-readable media include computer-readable storage media, as well as media storage and distribution systems developed in the future.

The above-discussed embodiments can be implemented by software modules that perform one or more tasks associated with the embodiments. The software modules discussed herein may include script, batch, or other executable files. The software modules may be stored on a machine-readable or computer-readable storage media such as magnetic floppy disks, hard disks, semiconductor memory (e.g., RAM, ROM, and FLASH-type media), optical discs (e.g., CD-ROMs, CD-Rs, and DVDs), or other types of memory modules. A storage device used for storing firmware or hardware modules in accordance with an embodiment of the invention can also include a semiconductor-based memory, which may be permanently, removably or remotely coupled to a microprocessor/memory system. Thus, the modules can be stored within a computer system memory to configure the computer system to perform the functions of the module. Other new and various types of computer-readable storage media may be used to store the modules discussed herein.

The above description is intended to be illustrative of the invention and should not be taken to be limiting. Other embodiments within the scope of the present invention are possible. Those skilled in the art will readily implement the steps necessary to provide the structures and the methods disclosed herein, and will understand that the process parameters and sequence of steps are given by way of example only and can be varied to achieve the desired structure as well as modifications that are within the scope of the invention. Variations and modifications of the embodiments disclosed herein can be made based on the description set forth herein, without departing from the scope of the invention.

Consequently, the invention is intended to be limited only by the scope of the appended claims, giving full cognizance to equivalents in all respects. 

What is claimed is:
 1. A method comprising: receiving, by an application management system, an application package, wherein the application package comprises an application; receiving an indication of an access restriction associated with the application, wherein the access restriction is configured to limit, based on functionality of the application, access to the application to a subset of users of a plurality of users; receiving, by the application management system and from a remote device associated with a user of the plurality of users, a request for the application; determining that the user is a member of the subset of users; and sending, to an interface device associated with the user and based on receiving the request, the application, wherein the interface device is configured to install and execute the application on the interface device, wherein the interface device is located at a premises and configured to manage one or more of a security device or an automation device located at the premises.
 2. The method of claim 1, wherein the access restriction comprises an association of the application with a service tier, wherein the subset of users are members of the service tier.
 3. The method of claim 2, further comprising: determining a service tier associated with the user; displaying, to the user via a user interface and based on determining that the service tier associated with the user matches the service tier associated with the application, information associated with the application; and wherein sending the application to the interface device is performed based on the user selecting, via the user interface, the application.
 4. The method of claim 2, wherein the service tier corresponds to a purchased level of service.
 5. The method of claim 2, wherein a level of functionality of the application is associated with the service tier.
 6. The method of claim 1, wherein the application package comprises a manifest file describing the application, wherein the manifest file comprises one or more of a minimum firmware, a version number of the application, a property definition of the application, a run mode of the application, an identifier for an application engine, and an editor key.
 7. The method of claim 6, wherein the property definition comprises one or more of an admin property definition editable by an management portal account having authority to modify admin properties, a premise default property definition specifying an initial default setting editable by a user account, and a user property definition.
 8. The method of claim 6, wherein the run mode of the application comprises one of: a static run mode in which an icon associated with the application does not change; a persistent run mode in which the icon associated with the application changes with new data based on the new data being received by the interface device; or a persistent with persistent window run mode in which the icon associated with the application changes with new data based on the new data being received by the interface device and a window associated with the application being instantiated on a separate device.
 9. The method of claim 1, wherein the application is associated with a premises management service, wherein the subset of users subscribe to the premises management service.
 10. The method of claim 1, wherein the application comprises a widget program.
 11. An application management system comprising: a database server configured to store an application package comprising an application; and a portal server configured to: receive an indication of an access restriction associated with the application, wherein the access restriction is configured to limit, based on functionality of the application, access to the application to a subset of users of a plurality of users, receive, from a remote device associated with a user of the plurality of users, a request for the application, and determine that the user is a member of the subset of users, and send, to an interface device associated with the user and based on receiving the request, the application, wherein the interface device is configured to install and execute the application on the interface device, wherein the interface device is located at a premises and configured to manage one or more of a security device or automation devices located at the premises.
 12. The application management system of claim 11, wherein the access restriction comprises an association of the application with a service tier, wherein the subset of users are members of the service tier.
 13. The application management system of claim 12, wherein the portal server is configured to: determine a service tier associated with the user; display, to the user via a user interface and based on determining that the service tier associated with the user matches the service tier associated with the application, information associated with the application; and wherein sending the application to the interface device is performed based on the user selecting, via the user interface, the application.
 14. The application management system of claim 12, wherein the service tier corresponds to a purchased level of service.
 15. The application management system of claim 12, wherein a level of functionality of the application is associated with the service tier.
 16. The application management system of claim 11, wherein the application package comprises a manifest file describing the application, wherein the manifest file comprises one or more of a minimum firmware version, a version number of the application, a property definition of the application, a run mode of the application, an identifier for an application engine, and an editor key.
 17. The application management system of claim 16, wherein the property definition comprises one or more of an admin property definition editable by an management portal account having authority to modify admin properties, a premise default property definition specifying an initial default setting editable by an user account, and a user property definition.
 18. The application management system of claim 16, wherein the run mode of the application comprises one of: a static run mode in which an icon associated with the application does not change when displayed on the interface device; a persistent run mode in which the icon associated with the application changes with new data based on the new data being received by the interface device; and a persistent with persistent window run mode in which the icon associated with the application changes with new data based on the new data being received by the interface device and a window associated with the application being instantiated on a separate device.
 19. The application management system of claim 11, wherein the application is associated with a premises management service, wherein the subset of users subscribe to the premises management service.
 20. The application management system of claim 11, wherein the application comprises a widget program.
 21. A device comprising: one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the device to: receive an application package associated with an application management system, wherein the application package comprises an application; receive an indication of an access restriction associated with the application, wherein the access restriction is configured to limit, based on functionality of the application, access to the application to a subset of users of a plurality of users; receive, from a remote device associated with a user of the plurality of users, a request for the application; determine that the user is a member of the subset of users; and send, to an interface device associated with the user and based on receiving the request, the application, wherein the interface device is configured to install and execute the application on the interface device, wherein the interface device is located at a premises and configured to manage one or more of a security device or an automation device located at the premises.
 22. The device of claim 21, wherein the access restriction comprises an association of the application with a service tier, wherein the subset of users are members of the service tier.
 23. The device of claim 21, wherein the application package comprises a manifest file comprising one or more property value associated with the application.
 24. The device of claim 23, wherein the manifest file comprises a run mode of the application, wherein the run mode defines behavior of an icon representing the application on the interface device. 